Q: What is U.S. EMV?
A: EMV stands for EuroPay, MasterCard®, Visa®, the three entities that worked together to create worldwide standards for the chip card to ensure global interoperability. EMV is a payment method that combines a plastic card with integrated circuit chip (ICC). An EMV card uses the ICC to hold the account number and other sensitive data instead of using a magnetic stripe. The chip also contains logic for transaction processing and risk management.

EMV adoption in the rest of the world has been a gradual process that has taken years to decades to penetrate. The U.S. will need to modify many of its payment process to fit into the EMV model.

A great source of information on EMV, including historic information and recent announcements is the EMVCo™ website, www.emvco.com.

Q: Do I have to implement EMV?
A: No, there is no mandate. Merchants should consider the following when or if they should implement EMV:

How will EMV impact my line speed?

What is the total cost of implementation?

What is my current fraud chargeback liability, and does moving to EMV make sense in light of the potential impact to my business?

Are there other security solutions available that can meet my needs?

If I don’t do EMV, how can I make sure my cardholders are protected at my POS?

In addition, merchants should meet with their reseller to better understand EMV solutions for your specific POS and additional security measures.

Q: Why EMV Now?
A: U.S. card present fraud is above the world average and continues to increase. EMV supports enhanced verification methods such as PIN and Signature verification. As of October 2015 there was a fraud chargeback liability shift for merchants that choose not to implement EMV. In addition, starting back in 2015 U.S. issuers will begin to issue more cards that will have EMV chips on them.

Q: What was the October 2015 liability shift?
A: A liability shift that occurred in October, 2015—the liability for fraudulent transactions will move from card issuers to merchants if an EMV card is presented for payment at the merchant and it is swiped or entered manually and the transaction is fraudulent. In this scenario the merchant would be liable for the fraud, not the issuer.

Q: Will cards still be issued with mag stripes and will my existing equipment still work after the liability shift?

A: Cards will still be issued with mag stripe for the foreseeable future, but for how long is hard to state with certainty. As an example, EMV is over 5 years into its implementation in Canada and banks are still issuing cards with mag stripes. We are confident that the card brands and issuers will give the merchant community sufficient notice if they choose to stop issuing cards with mag stripe capabilities.

Q: Should I get an EMV ready terminal that is separate from my POS?

A: No, there are EMV peripheral devices that do integrate with your specific POS system (Like Microsoft Dynamics RMS, Cloud Retailer, RMH, etc.) and your type of business. There is a big difference between EMV “ready” and EMV certified.

‘Ready’ simply means that hardware has a slot for the card. Certified means the hardware, payment application and device software (kernal) have all gone through an entire certification process. Getting a separate terminal will invalidate the full functionality of your POS system. Contact your reseller or POS provider to discuss device options that will work best with your system and best meet your business needs.

Q: Will I be charged more if don’t implement EMV?

A: EMV is a card network initiative. Currently, the card networks will be charging the same interchange rates for EMV and non-EMV transactions. Your Credit card processor has no control over network interchange rates or knowledge of changes in the future.

Q: I already have an End-to-End(E2E) encryption, do I have to implement EMV?
A: There is no mandate to implement EMV, but EMV is an important part of a card security solution. Coupling EMV with E2E encryption can provide merchants with the benefits of both avoiding the liability shift that EMV brings, along with PCI scope reduction when using E2E encryption.

Q: How does EMV work at the POS?
A: An EMV transaction will have a four step process:

An EMV card is inserted into a device attached to your POS system

The chip embedded in the card contains a unique key that is accessed by the reader in the device

The chips sends a unique cryptogram to the processor’s host with the approval transaction

The card is removed from the device once the transaction is complete In a chip and PIN transaction the customer is asked for his or her PIN number (if applicable).

In a chip and Signature transaction the customer is asked to sign a paper receipt or electronic signature pad.

Source: Nilson Report, August 2013.

**Payments Security Task Force (PST), Mastercard release 8/2014

Q: Does an EMV solution protect me from hackers?
A: In this day and age most anything can be hacked, just ask Sony (they got hacked by North Korea). Deploying CardDefender greatly reduces the risk of being hacked.

CardDefender removes and keeps all sensitive Card Holder Data from your POS. This is a huge benefit since the POS tower is the most vulnerable piece of a POS system when it comes to being hacked.

CardDefender also eliminates Credit Card Terminals from having a "hard line" connection to your POS which also keeps hackers away from that sensitive data.

Q: If I use EMV am I protected from charge backs?
A: In October 2015 there was a liability shift focused around EMV. Truth is, the Credit Card companies have always laid the liability on the retailer. Deploying EMV capable hardware really is to prevent "card present" fraud (fake cards). As far as charge backs, without having an EMV capable terminal in place the Card Companies will automatically refuse to cover the charge back. Having an EMV capable solution opens the door to a conversation with them as to who will cover the charge back. You will still need to prove good process on the charge in question.

Pricing and availability

RITE has options for an EMV solution that will best suit the needs of your business. For compatibility of your CC processor with the solutions that we provide please visit this link HERE.

CardDefender is a credit card processing solution that provides payment processing with security that is leaps and bounds beyond the standard built in card processing technology used in today’s point of sale systems. With the hacking of card data so prevalent in all retail circles, your customer’s card data is one less thing you should have to worry about, this technology solves that.